Application Security (30)

Session Hijacking Attacks: How they Work and What you Can do to Prevent them

A web application user interacts with it in a variety of ways and can perform different actions depending on their access restrictions. Most of the time these web applications require users to log in in order to perform actions that only authenticated and authorized users are allowed to perform. HTTP is a stateless protocol that does not maintain user state while the user performs different actions in the web application. This means that application developers had to come up with a different way to maintain the state of the user’s connection with the web application. The use of session IDs and cookies is one such way to maintain this state. However, malicious adversaries can employ different tactics to hijack the session of a legitimate user. These types of attacks are called session hijacking attacks. This article goes over the basics of the user session on the application and session hijacking, the types of session hijacking attacks, and the different techniques that can be used to prevent these attacks.

An Overview of Directory Traversal Attacks in a Web Application

Server security is a major problem for different enterprises. Due to their importance in ensuring the smooth operation of all other components of an information system such as networks, applications, or infrastructure, servers are frequently the primary targets of attacks. A web server hosts several files that must be protected from unauthorized access, either because they contain private information or because they are critical for the proper functioning of different services running on the server. These files include database records, configuration files, and files for server web applications, among many other things. In order to protect these files from unwanted disclosure, access, modification, or loss, the web server must be equipped with a number of security safeguards.

Insecure Deserialization Attacks

The insecure deserialization vulnerability is a major security flaw. Successful exploitation of this flaw opens the door to high-severity attacks including RCE (remote code execution), Denial of Service, Authentication Bypass, Injection attacks and much more. The definitions as well as the basics of serialization and deserialization are covered in the opening paragraphs of this article. It then goes into the fundamentals of the insecure deserialization vulnerability, how this attack is carried out, and the preventive approaches that can be employed to mitigate the risk posed by insecure deserialization attacks.

Implement Security in All Phases of SDLC

Secure SDLC starts with an analysis of your security posture using specified procedures. Only then can you define and implement SDLC processes in your environment. This blog article will show you how to assess your security posture and build a secure SDLC.

Remote Code Execution is a Serious Threat - Be Prepared!

If the attacker succeeds in taking complete control of the victim’s device, they can carry out a variety of harmful tasks like gaining root-level access, installing backdoors, setting up a command and control server, infecting further devices in the network, and much more. Exploiting a remote code execution vulnerability, or RCE for short, is one method by which an attacker might gain unauthorized access to a remote device. Through remote code execution, attackers can remotely run malicious software on a device or system. In this article, the fundamental ideas underpinning remote code execution, its impact, the many types of attacks, and the preventative measures to address this vulnerability are covered.

Ensure the Security of your App with a Secure SDLC

Security should be a key consideration in the design of any software application. A secure software development life cycle (SDLC) can help to ensure that security is built into your application from the start. This blog page discusses the importance of security by design in the software development lifecycle.

Windows Advanced Threat Protection

Windows Defender Advanced Threat Protection (ATP) offers proactive protection, detects threats and zero-day exploits, and provides centralized management for the whole security lifecycle.

The Role of Fuzz Testing in Improving Security

A malicious adversary may use a variety of underlying weaknesses to undermine the security of a system, application, or piece of software. The security, functionality, and availability of these systems may be significantly impacted by the exploitation of some of these vulnerabilities. Therefore, it is imperative to thoroughly test the software or application before deployment in order to find and fix any bugs or security problems.

Introduction to Web Caching and Web Cache Poisoning

Web applications such as e-commerce websites or websites that use content delivery networks receive a large number of user requests from around the world. In order to deal with growing user requests and balance the load on the main server, web applications use different caching techniques. Caches are typically implemented by proxy servers or web browsers, which store files such as images, videos, audio files and other frequently accessed files in local storage. Web caching is an effective technique that is used to handle growing user requests, improve network capacity, and provide a seamless user experience. This article covers the basics of web caching, how attackers perform web cache poisoning attacks, the impact of web cache poisoning, and the recommended mitigation techniques.

An Overview of Cross-Origin Resource Sharing

The Same-Origin Policy is a security mechanism that prevents the resources belonging to a web application from being shared with another website. The major goal of this policy is to safeguard your web application against many attack methods, including malicious code execution, compromised user passwords, unauthorized disclosure of sensitive information, and much more. However, in today’s world, websites exchange a large number of resources with one another in order to provide numerous capabilities and a more seamless user experience.

Content Security Policy in Web Application Security

Weak security settings in a web application are exploited to perform different client-side attacks. These types of attacks have the potential to steal important user information such as credentials and credit/debit card details, or money from the user’s account, among other things. It is possible to configure the web application’s underlying web server in such a way that it becomes extremely challenging for an attacker to execute client-side attacks successfully.

An Overview into Website Mechanisms and Vulnerabilities

For cyber security professionals, it is important to gain an understanding of the various web technologies. Many cyber-attacks are carried out on websites and web servers for various reasons: to retrieve credentials in order to get access to systems, to gain Personally Identifiable Information (PII), or simply to use a website to have users click on links that execute malicious code or that lead to another, malicious, website. Cyber security professionals need to know how to protect systems and businesses against these kinds of attacks.

Web Application Username Enumeration and Defense Techniques

The Burp Intruder tab will be the target of our enumeration attack. Let’s navigate to the Target tab and select Send to Intruder by right-clicking one of the POST requests.

Windows Exploit Countermeasures: Part 1

Modern Windows systems are equipped with numerous robust exploit defenses. This post will concentrate on Windows exploit countermeasures present on Windows systems up to and including Windows 7 32-bit.

An Overview of File Inclusion Vulnerabilities

Web applications are used for a wide range of purposes by individuals and different organizations. These web applications provide multiple benefits to their users as well as various functionalities. They are, nonetheless, vulnerable to malicious adversaries’ attacks. The exploitation of some of these security weaknesses can impede the organization’s key business processes, resulting in significant financial losses. As a result, it is very important to identify and fix such vulnerabilities discovered in the web application. File inclusion vulnerabilities are one of the most common types of vulnerabilities. This article discusses the many forms of file inclusion vulnerabilities, as well as their consequences and how to protect against them.

Reduce API Security Risks by Following Best Practices

A set of subroutine definitions, protocols, and tools for developing application software is known as an application programming interface (API). It represents a set of communication protocols between different software components. A good API makes it easy to create software by supplying all of the necessary building components, which the programmer then assembles. A web-based system, operating system, database system, computer hardware, or software library may all have APIs. The API allows a programmer creating an application program to send a request to the operating system. The operating system then forwards the request to the appropriate software component, which completes the task and returns a response to the program.

Federated Identity Management and Single-Sign-On (SSO)

Employees in an organization are provided access to various resources and applications in order to perform their day-to-day responsibilities. Instead of requiring the user to create a different set of credentials for each application or resource, the organization employs SSO (Single-Sign-On) and federated identity management technologies, which results in smoother access to these resources and applications. These technologies, when implemented correctly, increase functionality and protect the organization’s valuable assets. This article covers the federated identity management concepts, the different frameworks used for its implementation, and the security challenges related to it.

Open Redirection

Occasionally, programs must redirect visitors to a different page. The intended functionality is to redirect the user to a desired website, but it is quite easy for attackers to abuse this when their user input can influence the redirection’s outcome. In other terms, an open redirect occurs when a website allows a redirection to an unexpected page.

Broken Access Control (BAC)

Access control enforces policies so that users cannot act beyond their specified privileges. When these controls fail, the common outcomes are unauthorized disclosure of information, alteration or loss of any or all data, or execution of a business function outside the user’s bounds; such failures are what is meant by Broken Access Control.

Keep Your Online Applications Safe With a Web Application Firewall (WAF)

Web application firewalls (WAFs) are among the most recent developments in the field of firewall technology. In this blog post, we will define what a web application firewall is and how it functions. We will also cover some of the benefits of using a web application firewall.

Content Discovery - Part 2

In a previous article, we discussed robots.txt and automatic scanning for content. There are many more ways to discover hidden content on websites. In this blog post, we are going to manually find additional valuable information about websites.

Content Discovery - Part 1

The first stage in attacking software is obtaining and analyzing critical information about it in order to acquire a better grasp of what you’re dealing with. We can find information either manually, with the help of automated tools, or with Open-Source Intelligence (OSINT). This blog article will introduce you to discovering website content using automated tools.

Model Your Threats to Protect Your Assets

Every organization has several valuable assets that must be safeguarded. The assets can be tangible, such as computers, laptops, and network equipment, or intangible, such as information, data, programs, and so on. As the number of cyber-attacks increases around the world, the focus on cyber security is shifting from reactive to proactive methods. A proactive cybersecurity strategy is a preventative strategy that seeks to discover any vulnerabilities and threats surrounding our assets before they have an opportunity to compromise the security of our assets. Threat modeling is one of the most widely utilized proactive methodologies in the creation of secure systems and applications. This article will explain what threat modeling is and how you can leverage it to improve your organization’s security posture.

Develop Secure Java Applets: A Step-by-Step Guide

What if malicious code takes over all of your local resources while you’re working on a Java applet? This is something that should never happen.

Generate a Scalable View of Your Software Development Process

SDLC, or Software Development Life Cycle, is a set of procedures for developing software applications. These steps break the development process down into tasks that can be assigned, completed, and measured.

Protect your Web Applications Against CSRF Attacks

Cross-site request forgery (CSRF) is a type of attack that allows an attacker to perform unauthorized actions on behalf of a user. A CSRF attack happens when a malicious site sends a request to a victim site, causing the victim site to perform an action intended by the attacker. This can be used to steal information, such as login passwords, or to take actions on the user’s behalf, such as moving funds from their account.

Input Validation for Greater Security

When developing online apps that accept any sort of user input, you must ensure that input validation is performed. To begin with, you should never allow a user to include script in an input field. However, this does not totally fix the problem; an attacker still has numerous clever alternatives at their disposal. Input validation is a must when developing a secure application. One of the most common causes of application vulnerabilities is a lack of, or inappropriate use of, input validation. All information obtained from a client should be treated as untrusted and checked before further processing. Many developers use server-side validation to meet this need. Otherwise, the user may send harmful input to the program that exploits a flaw.

Securing Application Cookies

Sensitive data storage and safety in online applications is a major vulnerability. Attackers employ a variety of techniques to gain unauthorized access to the data stored on the user’s system (also referred to as the “client-side”) and processed by apps. In this blog post, we are going to explain what a cookie is, its design vulnerabilities, and possible methods of preventing cookie attacks.

Introduction to STRIDE as a Threat Modelling Framework

Threat modelling is the process of identifying potential threats to a system and figuring out how to mitigate or eliminate those threats. The goal is to make the system more secure and resilient against attacks. Threat modelling can be done at different levels, from high-level overviews down to very detailed analysis. A vital phase of the threat modelling strategy is specifying the potential dangers that an application or system may encounter and its weaknesses.

OWASP Top 10: The Most Common Security Flaws in Web Applications

Web applications are created with a major emphasis on functionality, not security. As a result of this focus, malicious actors exploit vulnerabilities to steal/modify sensitive information or carry out unauthorized activities. Security always comes as an afterthought in the form of patches to deal with security flaws in web applications.